Notices


Reply
Thread Tools
Guest | Posts: n/a | Thanked: 0 times | Joined on
#11
@custodian thanks, I really dont want anything on my openrepos that can cause issues like this
 
Custodian's Avatar
Posts: 747 | Thanked: 2,370 times | Joined on May 2012 @ Moscow, Russia
#12
Originally Posted by nieldk View Post
@custodian thanks, I really dont want anything on my openrepos that can cause issues like this
I think that this issue is resolved now.
If you upload multiple rpm(deb) files with differen names (i.e. tor, libevent), order them and make main package to be the first one.
But true way is to create separate packages library libevent, and application tor.

Warehouse recieves package name for install/remove/update from first file attached to application node.
__________________
twitter: @basil_s home: http://thecust.net
OpenRepos.net - community driven repository project. Warehouse - native client for OpenRepos.net
Buy me a beer
 

The Following User Says Thank You to Custodian For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#13
tor is back!
working great with my new build, changed default browser config (installation does this for you) so default browser actually uses tor by default, also, tor daemon is configured to listen on 127.0.0.1/9050 for socks connections, and is started and enabled so it stays permanent after boot.
 

The Following 6 Users Say Thank You to For This Useful Post:
richardski's Avatar
Posts: 58 | Thanked: 63 times | Joined on Dec 2009 @ Marlborough, Wiltshire, UK
#14
This will really help to improve the privacy and security when browsing.

Richard
 
Posts: 11 | Thanked: 7 times | Joined on Sep 2009
#15
Thanks for building this nieldk.

It works great but everyone please note that installing this and using the default sailfish browser will not give you the same level of anonymity or censorship circumvention of the Tor Browser Bundle on a typical desktop machine. This is because DNS will still be working as usual - not through tor. If you attempt to browse to example.org then you will be telling that to your DNS provider (typically your ISP). In addition this means you can't access .onion sites by default.

Perhaps it would be a good idea for this tor package to set up TorDNS[1], potentially changing /etc/resolv.conf to point to it.


[1] https://wiki.archlinux.org/index.php/Tor#TorDNS
 

The Following 2 Users Say Thank You to equim For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#16
this is somewhat true, But, using tordns does add some other (for me) not wanted issues regarding DNS queries ( it can only handle certain record types)
It also is just a bit more tricky due to services already running on Device, which prevents you from using port 53. Now, that would be just fine, had proxy been working fully with conman, It doesnt. So, this was a build to obtain a good level of anonimousity surfing with the default browser.
Not saying im giving up further work on this, but it doesnt have high priority at least until a system wide proxy availability is done.

Regarding the DNS issue and the leaking of ISP DNS and browser behaviour, this is some good reading on the topic, I think ots less worryong, and certainly an improvement as-is

http://www.antitree.com/how-tor-does...aking-bad-way/
 

The Following 2 Users Say Thank You to For This Useful Post:
Posts: 11 | Thanked: 7 times | Joined on Sep 2009
#17
Thanks nieldk - I agree it might be problematic to get this working without breaking some DNS queries.

For anyone intereseted, I got TorDNS working by redirecting all outgoing DNS queries to it with iptables. Here are the instructions (only do it if you have a good idea what what all this means, and again it might break certain DNS queries):

Add the following to /etc/tor/torrc:
DNSPort 9053
AutomapHostsOnResolve 1
AutomapHostsSuffixes .exit,.onion
su-devel
iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 9053

Then restart tor. Check that it's working by going to a tor hidden service like duckduckgo's: 3g2upl4pq6kufc4m.onion.
 

The Following User Says Thank You to equim For This Useful Post:
Posts: 64 | Thanked: 36 times | Joined on Feb 2012 @ US
#18
Originally Posted by nieldk View Post
this is somewhat true, But, using tordns does add some other (for me) not wanted issues regarding DNS queries ( it can only handle certain record types)
It also is just a bit more tricky due to services already running on Device, which prevents you from using port 53. Now, that would be just fine, had proxy been working fully with conman, It doesnt. So, this was a build to obtain a good level of anonimousity surfing with the default browser.
Not saying im giving up further work on this, but it doesnt have high priority at least until a system wide proxy availability is done.

Regarding the DNS issue and the leaking of ISP DNS and browser behaviour, this is some good reading on the topic, I think ots less worryong, and certainly an improvement as-is

http://www.antitree.com/how-tor-does...aking-bad-way/
Just got redsocks (system-wide transparent proxy) packed and uploaded to openrepos
 
Guest | Posts: n/a | Thanked: 0 times | Joined on
#19
Originally Posted by gexc View Post
Just got redsocks (system-wide transparent proxy) packed and uploaded to openrepos
does it adjust by the propeties set in WLAN configuration on Sailfish? I build squid and while it wirks, the Jolla itself doesnt seem to care about the proxy settings available in system.
 
Posts: 64 | Thanked: 36 times | Joined on Feb 2012 @ US
#20
It does not use the WLAN configs. Instead an iptables script is needed to 'hijack' all the traffic through the proxy. 'Transparent' means that the system does not know there is a proxy set up.

Last edited by gexc; 2014-05-14 at 17:19.
 

The Following User Says Thank You to gexc For This Useful Post:
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 01:34.